From owner-p4-projects Fri Jan 3 0:50:23 2003
Delivered-To: p4-projects@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 32767) id 113E137B406; Fri, 3 Jan 2003 00:49:59 -0800 (PST)
Delivered-To: perforce@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9993737B401 for ; Fri, 3 Jan 2003 00:49:58 -0800 (PST)
Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id 49F2F43EC5 for ; Fri, 3 Jan 2003 00:49:57 -0800 (PST) (envelope-from chris@freebsd.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.12.6/8.12.6) with ESMTP id h038nvfh084833 for ; Fri, 3 Jan 2003 00:49:57 -0800 (PST) (envelope-from chris@freebsd.org)
Received: (from perforce@localhost) by repoman.freebsd.org (8.12.6/8.12.6/Submit) id h038nu0C084830 for perforce@freebsd.org; Fri, 3 Jan 2003 00:49:56 -0800 (PST)
Date: Fri, 3 Jan 2003 00:49:56 -0800 (PST)
Message-Id: <200301030849.h038nu0C084830@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: perforce set sender to chris@freebsd.org using -f
From: Chris Costello
Subject: PERFORCE change 23094 for review
To: Perforce Change Reviews
Sender: owner-p4-projects@FreeBSD.ORG
Precedence: bulk
List-ID:
List-Archive: (Web Archive)
List-Help: (List Instructions)
List-Subscribe:
List-Unsubscribe:
X-Loop: FreeBSD.ORG

http://perforce.freebsd.org/chv.cgi?CH=23094

Change 23094 by chris@chris_holly on 2003/01/03 00:49:22

	Beginning to get the updates to the MPO doc online.  Still needs
	plenty of work but this stuff needs to be committed.

	A good chunk of the new additions to the entry point list has been
	added, with more to come.  However, I am still not finished.  Just
	as in this commit, the next few commits will include new additions
	as well as revisions to existing entry points.

	A few upcoming major changes:

	o We're going to rely more on entities for otherwise repetitive
	  markup.  For example, in this commit I add an entity representing
	  the parameters for the internalize and externalize prototypes,
	  one for the listing, and one for the paragraph, since they all
	  essentially do the same thing.  The next wave of this
	  'entitization' will address reused parameters, e.g. "struct label
	  *label" will become &mac.struct.label.label;.

	o Reorganization.  Once all the individual entry points are up to
	  date, all the various sections will be reexamined.  (I know many
	  entry points are not in the right place at all.)

	o An index or contents.  Still need to figure out how to do this
	  properly, because this is just one big file with no links into
	  various parts of it, which makes it kinda hard to use.

Affected files ...

.. //depot/projects/trustedbsd/doc/en_US.ISO8859-1/books/developers-handbook/mac.ent#4 edit
.. //depot/projects/trustedbsd/doc/en_US.ISO8859-1/books/developers-handbook/mac/chapter.sgml#18 edit
.. //depot/projects/trustedbsd/doc/en_US.ISO8859-1/books/handbook/security/chapter.sgml#9 edit
.. //depot/projects/trustedbsd/doc/share/sgml/man-refs.ent#10 edit

Differences ...
==== //depot/projects/trustedbsd/doc/en_US.ISO8859-1/books/developers-handbook/mac.ent#4 (text+ko) ==== 
@@ -12,3 +12,109 @@ '> + +struct label *label + char *element_name + char *element_data + size_t size + size_t *len + int *claimed +'> + + + + label + Label to be externalized + + + + element_name + Name of the policy whose label should be externalized + + + + element_data + Buffer; to be filled in with text representation of label + + + + size + Size of element_data + + + + len + To be filled in with the length of the string representing the + label data. + + + + claimed + Should be incremented when element_data + can be filled in. + + +'> + +Produce an externalized label based on the label structure passed. + An externalized label consists of a text representation of the label + contents that can be used with userland applications and read by the + user. Currently, all policies' externalize entry + points will be called, so the implementation should check the contents + of element_name before attempting to fill in + element_data. If + element_name does not match the name of your + policy, simply return 0. Only return nonzero + if an error occurs while externalizing the label data. Once the policy + fills in element_data, *claimed + should be incremented. +"> + +struct label *label + char *element_name + char *element_data + int *claimed +'> + + + + label + Label to be filled in + + + + element_name + Name of the policy whose label should be internalized + + + + element_data + Text data to be internalized + + + + claimed + Should be incremented when data can be successfully + internalized. + + +'> + +Produce an internal label structure based on externalized label data + in text format. Currently, all policies' internalize + entry points are called when internalization is requested, so the + implementation should compare the contents of + element_name to its own name in order to be sure + it should be internalizing the data in element_data. 
+ Just as in the externalize entry points, the entry + point should return 0 if + element_name does not match its own name, or when + data can successfully be internalized, in which case + *claimed should be incremented. +"> ==== //depot/projects/trustedbsd/doc/en_US.ISO8859-1/books/developers-handbook/mac/chapter.sgml#18 (text+ko) ==== @@ -60,7 +60,7 @@ - Writing MAC Policies + The TrustedBSD MAC Framework Synopsis 
@@ -166,37 +166,33 @@ policy, provides a reference to the MAC entry point vector, provides load-time flags determining how the policy framework should handle the policy, and optionally requests the - allocation of label state by the framework: - - static struct mac_policy_op_entry &mac.mpo;_ops[] = -{ - { MAC_DESTROY, - (macop_t)mac_none_destroy }, - { MAC_INIT, - (macop_t)mac_none_init }, - { MAC_INIT_BPFDESC, - (macop_t)mac_none_init_bpfdesc }, + allocation of label state by the framework. + + static struct mac_policy_ops mac_policy_ops = +{ + .mpo_destroy = mac_policy_destroy, + .mpo_init = mac_policy_init, + .mpo_init_bpfdesc_label = mac_policy_init_bpfdesc_label, + .mpo_init_cred_label = mac_policy_init_label, /* ... */ - { MAC_CHECK_VNODE_STAT, - (macop_t)mac_none_check_vnode_stat }, - { MAC_CHECK_VNODE_WRITE, - (macop_t)mac_none_check_vnode_write }, - { MAC_OP_LAST, NULL } + .mpo_check_vnode_setutimes = mac_policy_check_vnode_setutimes, + .mpo_check_vnode_stat = mac_policy_check_vnode_stat, + .mpo_check_vnode_write = mac_policy_check_vnode_write, }; The MAC policy entry point vector, - mac_none_ops in this example, associates + mac_policy_ops in this example, associates functions defined in the module with specific entry points. A complete listing of available entry points and their prototypes may be found in the MAC entry point reference section. Of specific interest during module registration are - the MAC_DESTROY and MAC_INIT - entry points. MAC_INIT will be invoked once a + the .mpo_destroy and .mpo_init + entry points. .mpo_init will be invoked once a policy is successfully registered with the module framework but prior to any other entry points becoming active. This permits the policy to perform any policy-specific allocation and initialization, such as initialization of any data or - locks. MAC_DESTROY will be invoked when a + locks. 
.mpo_destroy will be invoked when a policy module is unloaded to permit releasing of any allocated memory and destruction of locks. Currently, these two entry points are invoked with the MAC policy list mutex held to @@ -304,6 +300,8 @@ Policy load event. The policy list mutex is held, so caution should be applied. + + @@ -379,6 +377,115 @@ File System Object Labeling Event Operations + + + <function>&mac.mpo;_associate_vnode_devfs</function> + + + + void + &mac.mpo;_associate_vnode_devfs + + struct mount + *mp + struct label + *fslabel + struct devfs_dirent + *de + struct label + *delabel + struct vnode + *vp + struct label + *vlabel + + + + + + &mac.thead; + + + + mp + Devfs mount point + + + + fslabel + Devfs file system label + (mp->mnt_fslabel) + + + + de + Devfs directory entry + + + + delabel + Policy label associated with + de + + + + vp + vnode associated with + de + + + + vlabel + Policy label associated with + vp + + + + + + Fill in the label (vlabel) for + a newly created devfs vnode based on the devfs directory + entry passed in de and its + label. + + + + <function>&mac.mpo;_copy_vnode_label</function> + + + + void + &mac.mpo;_copy_vnode_label + + struct label + *src + struct label + *dest + + + + + + &mac.thead; + + + + src + Source label + + + + dest + Destination label + + + + + + Copy the label information in + src into + dest. + <function>&mac.mpo;_create_devfs_device</function> 
@@ -688,55 +795,53 @@ the root file system is mounted, after &mac.mpo;_create_mount;. - - <function>&mac.mpo;_stdcreatevnode_ea</function> - + + + <function>&mac.mpo;_externalize_vnode_label</function> + + + + int + &mac.mpo;_externalize_vnode_label + + &mac.externalize.paramdefs; + + + + + + &mac.thead; + + &mac.externalize.tbody; + + + + &mac.externalize.para; + + + + <function>&mac.mpo;_internalize_vnode_label</function> + int - &mac.mpo;_stdcreatevnode_ea - - struct vnode - *vp - struct label - *vnodelabel + &mac.mpo;_internalize_vnode_label + + &mac.internalize.paramdefs; - + &mac.thead; - - - - vp - vnode to commit - Locked on entry, locked on exit - - - - vnodelabel - Label associated with - vp - - + + &mac.internalize.tbody; - - - This entry point is called when a vnode is to be - committed to disk via the extended attribute service (see - &man.extattr.9;). If committing to the disk is successful, - a value of 0 should be returned; - otherwise, an appropriate error code should be - returned. - - The current implementation as of July 24, 2002 - commits the data to disk from within the architecture. - The implementation will be updated to be closer to the - above documentation as development progresses. + + &mac.internalize.para; - + <function>&mac.mpo;_update_devfsdirent</function> @@ -1021,6 +1126,44 @@ IPC Object Labeling Event Operations + + + <function>&mac.mpo;_copy_pipe_label</function> + + + + void + &mac.mpo;_copy_pipe_label + + struct label + *src + struct label + *dest + + + + + + &mac.thead; + + + + src + Source label + + + + dest + Destination label + + + + + + Copy the label information in + src into + dest. + <function>&mac.mpo;_create_mbuf_from_socket</function> 
@@ -1123,63 +1266,169 @@ subject credential. This call is made when a socket is created. - - - <function>&mac.mpo;_create_socket_from_socket</function> - + + + <function>&mac.mpo;_externalize_ifnet_label</function> + + + + int + &mac.mpo;_externalize_ifnet_label + + &mac.externalize.paramdefs; + + + + + + &mac.thead; + + &mac.externalize.tbody; + + + + &mac.externalize.para; + + + + <function>&mac.mpo;_externalize_pipe_label</function> + + + + int + &mac.mpo;_externalize_pipe_label + + &mac.externalize.paramdefs; + + + + + + &mac.thead; + + &mac.externalize.tbody; + + + + &mac.externalize.para; + + + + <function>&mac.mpo;_externalize_socket_label</function> + + + + int + &mac.mpo;_externalize_socket_label + + &mac.externalize.paramdefs; + + + + + + &mac.thead; + + &mac.externalize.tbody; + + + + &mac.externalize.para; + + + + <function>&mac.mpo;_externalize_socket_peer_label</function> + + + + int + &mac.mpo;_externalize_socket_peer_label + + &mac.externalize.paramdefs; + + + + + + &mac.thead; + + &mac.externalize.tbody; + + + + &mac.externalize.para; + + + + <function>&mac.mpo;_internalize_ifnet_label</function> + + + + int + &mac.mpo;_internalize_ifnet_label + + &mac.internalize.paramdefs; + + + + + + &mac.thead; + + &mac.internalize.tbody; + + + + &mac.internalize.para; + + + + <function>&mac.mpo;_internalize_pipe_label</function> + + + + int + &mac.mpo;_internalize_pipe_label + + &mac.internalize.paramdefs; + + + + + + &mac.thead; + + &mac.internalize.tbody; + + + + &mac.internalize.para; + + + + <function>&mac.mpo;_internalize_socket_label</function> + - void - &mac.mpo;_create_socket_from_socket - - struct socket - *oldsocket - struct label - *oldsocketlabel - struct socket - *newsocket - struct label - *newsocketlabel + int + &mac.mpo;_internalize_socket_label + + &mac.internalize.paramdefs; - + &mac.thead; - - - - oldsocket - Object; parent socket; created from - &man.listen.2; - - - - oldsocketlabel - Label for - oldsocket - - - - newsocket - Object; child 
socket; incoming connection - - - - newsocketlabel - Label to be filled in for - newsocket - - + + &mac.internalize.tbody; - - Set the label on a newly created stream socket from the - passed listen socket. This call may occur during &man.accept.2;, - or prior to &man.accept.2;, depending on the protocol. + + &mac.internalize.para; - - + + <function>&mac.mpo;_socket_relabel</function> @@ -2155,10 +2404,9 @@ - Set the label of a newly created subject credential from the passed subject credential. This call will be made when - crcopy(9) is invoked on a newly created struct + &man.crcopy.9; is invoked on a newly created struct ucred. This call should not be confused with a process forking or creation event. @@ -2383,6 +2631,52 @@ Update the label on a subject credential from the passed update label. + + + <function>&mac.mpo;_externalize_cred_label</function> + + + + int + &mac.mpo;_externalize_cred_label + + &mac.externalize.paramdefs; + + + + + + &mac.thead; + + &mac.externalize.tbody; + + + + &mac.externalize.para; + + + + <function>&mac.mpo;_internalize_cred_label</function> + + + + int + &mac.mpo;_internalize_cred_label + + &mac.internalize.paramdefs; + + + + + + &mac.thead; + + &mac.internalize.tbody; + + + + &mac.internalize.para; + @@ -4733,12 +5027,12 @@ - <function>&mac.mpo;_init_bpfdesc</function> + <function>&mac.mpo;_init_bpfdesc_label</function> void - &mac.mpo;_init_bpfdesc + &mac.mpo;_init_bpfdesc_label struct bpf_d *bpf_d @@ -4770,12 +5064,12 @@ - <function>&mac.mpo;_init_devfsdirent</function> + <function>&mac.mpo;_init_devfsdirent_label</function> void - &mac.mpo;_init_devfsdirent + &mac.mpo;_init_devfsdirent_label struct devfs_dirent *devfs_dirent @@ -4807,12 +5101,12 @@ - <function>&mac.mpo;_init_ifnet</function> + <function>&mac.mpo;_init_ifnet_label</function> void - &mac.mpo;_init_ifnet + &mac.mpo;_init_ifnet_label struct ifnet *ifnet 
@@ -4844,12 +5138,12 @@ - <function>&mac.mpo;_init_ipq</function> + <function>&mac.mpo;_init_ipq_label</function> void - &mac.mpo;_init_ipq + &mac.mpo;_init_ipq_label struct ipq *ipq @@ -4879,14 +5173,14 @@ Initialize the label on a newly instantiated IP fragment reassembly queue. - + - <function>&mac.mpo;_init_mbuf</function> + <function>&mac.mpo;_init_mbuf_label</function> void - &mac.mpo;_init_mbuf + &mac.mpo;_init_mbuf_label struct mbuf *mbuf @@ -4908,7 +5202,7 @@ how - Blocking/non-blocking &man.malloc.9; see + Blocking/non-blocking &man.malloc.9;; see below @@ -4933,12 +5227,12 @@ - <function>&mac.mpo;_init_mount</function> + <function>&mac.mpo;_init_mount_label</function> void - &mac.mpo;_init_mount + &mac.mpo;_init_mount_label struct mount *mount @@ -4978,21 +5272,76 @@ Initialize the labels on a newly instantiated mount point. + + + <function>&mac.mpo;_init_mount_fs_label</function> + + + + void + &mac.mpo;_init_mount_fs_label + + struct label + *label + + + + + + &mac.thead; + + + + label + Label to be initialized + + + + + + Initialize the label on a newly mounted file + system. + + + + <function>&mac.mpo;_init_pipe_label</function> + + + + void + &mac.mpo;_init_pipe_label + + struct + label*label + + + + + + &mac.thead; + + + + label + Label to be filled in + + + + + Initialize a label for a newly instantiated pipe. + - <function>&mac.mpo;_init_socket</function> + <function>&mac.mpo;_init_socket_label</function> void - &mac.mpo;_init_socket + &mac.mpo;_init_socket_label - struct socket - *socket struct label *label - struct label - *peerlabel + int flag 
@@ -5002,37 +5351,66 @@ - socket - Object; socket + label + New label to initialize + flag + &man.malloc.9; flags + + + + + + Initialize a label for a newly instantiated + socket. + + + + <function>&mac.mpo;_init_socket_peer_label</function> + + + + void + &mac.mpo;_init_socket_peer_label + + struct label + *label + int flag + + + + + + &mac.thead; + + + label - New label to apply to the socket + New label to initialize - + - peerlabel - New label to apply to the socket's peer + flag + &man.malloc.9; flags - - Initialize the labels on a newly instantiated + >>> TRUNCATED FOR MAIL (1000 lines) <<< To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message
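Review bot: in the mac.ent hunk (@@ -12,3 +12,109 @@) the new &mac.externalize.para; text never says what the entry point must do when the text representation of the label does not fit in the `size` bytes of `element_data`. Since the paragraph instructs implementers to "only return nonzero if an error occurs while externalizing the label data", it should state explicitly that an oversized representation is such an error, that nothing beyond `size` bytes may be written to `element_data`, and whether `*len` and `*claimed` are left untouched on that path; it should also say whether `*len` includes the terminating NUL. The &mac.internalize.para; text has the mirror-image gap: it covers the "name does not match" and "successfully internalized" cases (both return 0) but not the case where `element_name` matches and `element_data` cannot be parsed by the policy, which should be spelled out as "return nonzero and do not increment `*claimed`" so the two paragraphs follow the same contract; it would also help to say whether `element_data` is guaranteed NUL-terminated, since the internalize paramdefs carry no length.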
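Review bot: in the chapter.sgml hunk at @@ -166,37 +166,33 @@ the example vector is declared as `static struct mac_policy_ops mac_policy_ops`, so the variable carries the same name as its struct tag, and the following sentence "mac_policy_ops in this example" is now ambiguous between the two. The old listing avoided this with `mac_none_ops`; a policy-specific name such as `mac_<policyname>_ops` (placeholder, pick whatever the chapter uses elsewhere) would keep the prose unambiguous. Two smaller points: `.mpo_init_cred_label = mac_policy_init_label` shares one initializer across entry points while every other line uses a per-entry-point function, which is fine but deserves a comment in the listing, and the designator-style references ".mpo_destroy and .mpo_init" in running text read oddly with the leading dot; `mpo_destroy`/`mpo_init` as the prose names would match the reference section headings.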
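Review bot: in the hunk at @@ -379,6 +377,115 @@ the new &mac.mpo;_associate_vnode_devfs table gives no lock state for `vp` or `mp`, whereas the parameter tables this change removes elsewhere (see "Locked on entry, locked on exit" for `vp` in the dropped &mac.mpo;_stdcreatevnode_ea entry) did record it; a policy author needs that to know whether the label may be written without further synchronization. The table should also say whether `vlabel` has already been initialized via the corresponding init entry point before this call. For &mac.mpo;_copy_vnode_label in the same hunk, "Copy the label information in src into dest" should state whether `dest` is assumed initialized and whether any existing contents are overwritten or must first be released.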
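Review bot: the hunk at @@ -688,55 +795,53 @@ deletes the whole &mac.mpo;_stdcreatevnode_ea entry, including its "current implementation as of July 24, 2002" caveat, while the commit message speaks only of "new additions as well as revisions to existing entry points". If the entry point has been removed from the framework, the commit message should say so (and the July 24 note can go); if it has merely moved, the entry should be relocated rather than dropped, otherwise readers lose the only description of when vnode labels are committed to disk through the extended attribute service.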
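Review bot: the hunk at @@ -1021,6 +1126,44 @@ adds &mac.mpo;_copy_pipe_label with a description that is word-for-word the same as &mac.mpo;_copy_vnode_label ("Copy the label information in src into dest") plus an identical `src`/`dest` table; given the commit's stated move toward entities for repetitive markup, this is a natural candidate for a shared `&mac.copy.para;`/`&mac.copy.tbody;` pair alongside the externalize/internalize entities, so that any later clarification (for example on whether `dest` is pre-initialized) lands in both places at once.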
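Review bot: the hunk at @@ -1123,63 +1266,169 @@ removes the &mac.mpo;_create_socket_from_socket entry, and with it the only statement that the child socket's label is set from the listen socket during or before &man.accept.2;. That inheritance rule is what a policy author relies on to reason about how labels propagate across accepted connections, so if the entry point still exists the entry should be kept (or moved) rather than replaced by the externalize/internalize blocks; if it has been removed from the framework, the commit message should record that.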
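Review bot: in the hunk at @@ -4978,21 +5272,76 @@ the &mac.mpo;_init_pipe_label paramdef reads `struct label*label` (missing space between `struct label` and `*label`), which will render oddly. The two new entries also describe the same parameter differently ("Label to be initialized" for init_mount_fs_label, "Label to be filled in" for init_pipe_label); pick one. Finally, &mac.mpo;_init_socket_label in this hunk gains an `int flag` parameter while init_mount_fs_label and init_pipe_label are shown without one; worth double-checking these prototypes against the header before committing, since a documented signature that disagrees with the real one will be copied by implementers.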
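Review bot: in the hunk at @@ -5002,37 +5351,66 @@ both &mac.mpo;_init_socket_label and &mac.mpo;_init_socket_peer_label return `void` yet take a `flag` parameter described only as "&man.malloc.9; flags"; the text should say what a policy is expected to do when a non-blocking flag is passed and its allocation fails, since there is no return value through which to report it. The earlier mbuf entry (hunk @@ -4908) describes the same parameter as "Blocking/non-blocking &man.malloc.9;; see below" with a following explanation, so reusing that wording (or an entity) here would keep the three entries consistent.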